Fedora Update Notification
2021-06-11 01:12:06.314182

Name        : squid
Product     : Fedora 34
Version     : 5.0.6
Release     : 1.fc34
URL         : https://www.squid-cache.org
Summary     : The Squid proxy caching server
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.

Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.

Update Information:

- version update - security update

* Mon May 17 2021 Lubos Uhliarik  - 7:5.0.6-1
- new version 5.0.6

  [ 1 ] Bug #1939940 - CVE-2021-28116 squid: out-of-bounds read in WCCP protocol data may lead to information disclosure [fedora-all]
  [ 2 ] Bug #1959538 - CVE-2021-33620 squid: denial of service in HTTP response processing [fedora-all]
  [ 3 ] Bug #1962596 - CVE-2021-31806 squid: improper input validation in HTTP Range header [fedora-all]
  [ 4 ] Bug #1962598 - CVE-2021-31807 squid: incorrect memory management may lead to DoS [fedora-all]
  [ 5 ] Bug #1962600 - CVE-2021-31808 squid: an integer overflow may lead to a DoS [fedora-all]
  [ 6 ] Bug #1963363 - CVE-2021-28652 squid: denial of service issue in Cache Manager [fedora-all]
  [ 7 ] Bug #1963381 - CVE-2021-28662 squid: denial of service in HTTP response processing [fedora-all]
  [ 8 ] Bug #1963391 - CVE-2021-28651 squid: denial of service in URN processing [fedora-all]

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-c0bec55ec7' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure